using System;
using System.Collections.Generic;
using System.Data;
using System.Web;
using System.Web.UI.WebControls;
using btnet;

/// <summary>
/// Summary description for edit_report
/// </summary>
public partial class edit_report : System.Web.UI.Page
{
    int id;
String sql;

protected Security security;

void Page_Init (object sender, EventArgs e) {ViewStateUserKey = Session.SessionID;}


///////////////////////////////////////////////////////////////////////
void Page_Load(Object sender, EventArgs e) {

    if (!IsPostBack)
    {
        String footer_label = null;
        if (Application["custom_footer"] != null)
        {
            footer_label = (String)Application["custom_footer"];
        }
        custom_footer_label.Text = footer_label;
    }

    Util.do_not_cache(Response);
	
	security = new Security();

	security.check_security( HttpContext.Current, Security.ANY_USER_OK_EXCEPT_GUEST);

	if (security.user.is_admin || security.user.can_edit_reports)
	{
		//
	}
	else
	{
		Response.Write ("You are not allowed to use this page.");
		Response.End();
	}

	titl.InnerText = Util.get_setting("AppTitle","BugTracker.NET") + " - "
		+ "edit report";

	msg.InnerText = "";

	string var = Request.QueryString["id"];
	if (var == null) {
		id = 0;
	} else {
		id = Convert.ToInt32(var);
	}

	if (!IsPostBack)
	{
		// add or edit?
		if (id == 0)
		{
			sub.Value = "Create";
			sql_text.Value = Request.Form["sql_text"]; // if coming from search.aspx
			table.Checked = true;
		}
		else
		{
			sub.Value = "Update";

			// Get this entry's data from the db and fill in the form
			sql = @"select
				rp_desc, rp_sql, rp_chart_type
				from reports where rp_id = $1";
			sql = sql.Replace("$1", Convert.ToString(id));
			DataRow dr = btnet.DbUtil.get_datarow(sql);

			// Fill in this form
			desc.Value = (string) dr["rp_desc"];
			
			if (Util.get_setting("HtmlEncodeSql","0") == "1")
			{
				sql_text.Value = Server.HtmlEncode((string) dr["rp_sql"]);
			}
			else
			{
				sql_text.Value = (string) dr["rp_sql"];
			}
			
			switch ((string) dr["rp_chart_type"]) {
				case "pie":
					pie.Checked = true;
					break;
				case "bar":
					bar.Checked = true;
					break;
				case "line":
					line.Checked = true;
					break;
				default:
					table.Checked = true;
					break;
			}
		}
	}
	else
	{
		on_update();
	}
}


///////////////////////////////////////////////////////////////////////
Boolean validate() {
	Boolean good = true;

	if (desc.Value == "") {
		good = false;
		desc_err.InnerText = "Description is required.";
	} else {
		desc_err.InnerText = "";
	}

	if (sql_text.Value == "") {
		good = false;
		msg.InnerText = "The SQL statement is required.  ";
	} else {
		msg.InnerText = "";
	}

	return good;
}

///////////////////////////////////////////////////////////////////////
void on_update()
{
	Boolean good = validate();
	string ct;

	if (good)
	{
		if (id == 0) {  // insert new
			sql = @"insert into reports
				(rp_desc, rp_sql, rp_chart_type)
				values (N'$de', N'$sq', N'$ct')";
		}
		else
		{	// edit existing
			sql = @"update reports set
				rp_desc = N'$de',
				rp_sql = N'$sq',
				rp_chart_type = N'$ct'
				where rp_id = $id";
			sql = sql.Replace("$id", Convert.ToString(id));
		}

		sql = sql.Replace("$de", desc.Value.Replace("'","''"));
		sql = sql.Replace("$sq", Server.HtmlDecode(sql_text.Value.Replace("'", "''")));

		if (pie.Checked) {
			ct = "pie";
		} else if (bar.Checked) {
			ct = "bar";
		} else if (line.Checked) {
			ct = "line";
		} else {
			ct = "table";
		}

		sql = sql.Replace("$ct", ct);

		btnet.DbUtil.execute_nonquery(sql);
		Server.Transfer("reports.aspx");
	}
	else
	{
		if (id == 0)
		{  // insert new
			msg.InnerText += "Query was not created.";
		}
		else
		{	// edit existing
			msg.InnerText += "Query was not updated.";
		}
	}
}
}